<?php
/* -=-=-=-=-=-=-=-=-=-=-=-=-
     author by terry
-=-=-=-=-=-=-=-=-=-=-=-=- */
// 7 = E_ERROR | E_WARNING | E_PARSE: notices are not reported, which hides the
// unquoted array keys ($_GET[action] etc.) used throughout this script.
error_reporting(7);
// NOTE(review): $DB, $cpforms, $db_prefix and the helper functions used below are not
// defined in this file; presumably global.php provides them, along with whatever
// login/permission check protects this admin page - confirm, since no access check
// is visible here.
require "global.php";

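// Change the status of one advisory, then fall through to the list view.
//
// Both request values used to be concatenated into the UPDATE as-is. The status is
// now checked against the three values the list page's <select> offers (0 = Starter,
// 1 = Active, 2 = Expired) and the id is cast to an integer, so neither can alter
// the statement.
// NOTE(review): this is a state change triggered by a plain GET request with no
// anti-CSRF token; moving it to POST with a per-session token needs changes to the
// changestatus() JavaScript helper, which is not in this file.
if (isset($_GET['changeid']) && $_GET['changeid'] != '') {
    $statusRaw = is_scalar($_GET['changeid']) ? (string) $_GET['changeid'] : '';
    $targetId  = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;

    if (in_array($statusRaw, array('0', '1', '2'), true) && $targetId > 0) {
        $sql = "UPDATE pa_advisory SET `ad_status`='".$statusRaw."'  WHERE ad_id ='".$targetId."' ";
        $DB->query($sql);
    }
    // The list is shown whether or not the update was accepted, as before.
    $_GET['action'] = "list";
}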


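cpheader();

// Paging offset: POST wins over GET, default 0.
// The value is later written into hidden form fields and redirect URLs, so it is
// reduced to a non-negative integer here instead of being passed on verbatim.
$offset = 0;
foreach (array($_POST, $_GET) as $requestVars) {
    if (!empty($requestVars['offset']) && is_scalar($requestVars['offset'])) {
        $offset = max(0, intval($requestVars['offset']));
        break;
    }
}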


// Render the advisory form shared by three GET actions:
//   add  - empty form that posts back action=doinsert
//   mod  - form pre-filled from the stored row, posts back action=update
//   view - the same pre-filled fields, closed with noformfooter() instead of a submit footer
if ($_GET[action]=="add"||$_GET[action]=='mod'||$_GET[action]=='view'){

    $cpforms->inithtmlarea();
	if($_GET[action]=="add"){
			$cpforms->formheader(array('title'=>'Add New Advisory (<font color=red>*</font>=Required Field)',
										'name'=>'article',
			                             'enctype'=>'multipart/form-data'));

			$cpforms->makehidden(array('name'=>'action',
									   'value'=>'doinsert'));
			// Defaults for a new record; $rs is otherwise empty in add mode.
			$rs[ad_showtop] = "1";
			$rs[StartDate] = $rs[EndDate] = time();
	}
	if($_GET[action] == "mod"){
			$cpforms->formheader(array('title'=>'Modify Advisory (<font color=red>*</font>=Required Field)',
										'name'=>'article',
				                        'enctype'=>'multipart/form-data'));

			$cpforms->makehidden(array('name'=>'action',
									   'value'=>'update'));
			// intval() reduces the id to an integer before it is concatenated into the SELECT below.
		    $advisoryid = intval($_GET[id]);
			$cpforms->makehidden(array('name'=>'id',
									   'value'=>$advisoryid));
			$cpforms->makehidden(array('name'=>'offset',
									   'value'=>$offset));
			// Passed as 'read' to the username field only (see the first gethightext call).
            $read =1;
	        $rs  = $DB->fetch_one_array("SELECT * FROM ".$db_prefix."advisory WHERE ad_id =".$advisoryid);
	}

	if($_GET[action]=="view"){
			$cpforms->formheader(array('title'=>'View Advisory (<font color=red>*</font>=Required Field)',
										'name'=>'article',
				                        'enctype'=>'multipart/form-data'));
			// Same integer cast as in mod mode; no 'action' hidden field is emitted for view.
		    $advisoryid = intval($_GET[id]);
			$cpforms->makehidden(array('name'=>'id',
									   'value'=>$advisoryid));
			$cpforms->makehidden(array('name'=>'offset',
									   'value'=>$offset));
			// Passed as 'view' to every field below.
            $view =1;
	        $rs  = $DB->fetch_one_array("SELECT * FROM ".$db_prefix."advisory WHERE ad_id =".$advisoryid);
	}

	
	?>
     <?       
	       // $read and $view are only assigned in mod/view mode; elsewhere "$read"/"$view"
	       // interpolate to empty strings.
	       // NOTE(review): the $rs values are handed to the form helpers exactly as stored.
	       // Whether $cpforms escapes 'value' for HTML is not visible here. The doinsert and
	       // update handlers in this file run htmlspecialchars() before storing, but a row
	       // written by any other code path would reach the page unencoded - confirm.
	       // $jobcategory, $state, $country and $service are not defined in this file.
	       $cpforms->gethightext(array('text'=>"√Username",'name'=>"user_name",'only'=>1,'value'=>"$rs[ad_uname]",'read'=>"$read",'view'=>"$view",'icon'=>"'Username is 6-12 Characters and is Case Sensitive.', WIDTH, 200, SHADOW, true"));
	       // No 'value' is passed for the password field, so the stored hash is never sent back to the browser.
	       $cpforms->gethightext(array('text'=>"Password",'name'=>"password",'type'=>"password",'only'=>1,'view'=>"$view",'icon'=>"'Password is 6-12 Characters and is Case Sensitive.', WIDTH, 200, SHADOW, true"));

		   $cpforms->longline(array('title'=>"Contact Information"));
		   $cpforms->gethightext(array('text'=>"√Your First Name",'name'=>"firstname",'only'=>1,'value'=>"$rs[ad_fname]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√Your Last Name", 'name'=>"lastname",'only'=>1,'value'=>"$rs[ad_lname]",'view'=>"$view"));
           $cpforms->gethightext(array('text'=>"√Your Email Address", 'name'=>"email",'only'=>1,'value'=>"$rs[ad_email]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√Your Phone", 'name'=>"phone",'only'=>1,'value'=>"$rs[ad_phone]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√Your Fax", 'name'=>"fax",'value'=>"$rs[ad_fax]",'view'=>"$view"));		  
		   $cpforms->gethightext(array('text'=>"√Your Job Title", 'name'=>"jobtitle",'only'=>1,'value'=>"$rs[ad_jobtitle]",'view'=>"$view"));
		  // $cpforms->makeselect(array('text'=>"√Industry Category", 'name'=>"industry",'only'=>1,'option'=>$jobcategory,'selected'=>"$rs[ad_industry]",'view'=>"$view",'viewfunction'=>'jobcategory'));
		   $cpforms->gethightext(array('text'=>"√Your Skype ID", 'name'=>"skype",'value'=>"$rs[ad_skype]",'view'=>"$view",'icon'=>"' If you do not have a Skype ID, you may complete this field later.  To get FREE Skype, <a href=\'http://www.skype.com/download\'>Go Here</a>', WIDTH, 200, TITLE,'', SHADOW, true, FADEIN, 100, FADEOUT, 100, STICKY, 1,  CLOSEBTN, true, CLICKCLOSE, true"));
		   $cpforms->gethightext(array('text'=>"√Your Spoken Language(s)",'name'=>"spokenlanguage",'only'=>1,'value'=>"$rs[ad_spoken]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√Years of Work Experience",'name'=>"yrexp",'only'=>1,'value'=>"$rs[ad_yrexp]",'view'=>"$view"));
           $cpforms->maketextarea(array('text'=>"√Please write a brief description about you or your company here",'only'=>1,'name'=>"description",'value'=>"$rs[ad_copdes]",'view'=>"$view" ,'icon'=>"'Please describe in 500 characters or less.  You may edit this later.', WIDTH, 200, SHADOW, true"));
           $cpforms->gethighradio(array('text'=>"Would you like to subscribe to our newsletter",'name'=>"newsmailist",'only'=>1,'selected'=>"$rs[ad_newsmailist]",'view'=>"$view"));		   
		   $cpforms->gethightext(array('text'=>"How did you hear about us?",'name'=>"howus",'only'=>1,'value'=>"$rs[ad_howus]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"Service Code",'name'=>"servicecode",'value'=>"$rs[ad_servicecode]",'view'=>"$view",'icon'=>"'If you have a service code please enter it here.', WIDTH, 200, SHADOW, true"));
		   // NOTE(review): the 50KB limit in the label is not enforced anywhere in this file;
		   // presumably the upfile class applies it - confirm.
		   $cpforms->makefile(array('text'=>"√Picture (Only accept image size less than 50KB.)",'name'=>"uploadfile", 'value'=>"$rs[ad_upload]",'view'=>"$view",'url'=>'uploadfiles/advisory/'));
		 
		   $cpforms->longline(array('title'=>"Company Information"));
		   $cpforms->gethightext(array('text'=>"√Company Name", 'name'=>"companyname",'only'=>1,'value'=>"$rs[ad_copname]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√Company Website URL",'name'=>"companyurl",'value'=>"$rs[ad_website]",'view'=>"$view"));
		   $cpforms->makeselect(array('text'=>"√Industry", 'name'=>"industry",'only'=>1,'option'=>$jobcategory,'selected'=>"$rs[ad_industry]",'view'=>"$view",'viewfunction'=>'jobcategory'));
		   $cpforms->gethightext(array('text'=>"Company Size", 'name'=>"companysize",'only'=>1,'value'=>"$rs[ad_copsize]",'view'=>"$view",'icon'=>"' Enter an estimated number of full time employees.', WIDTH, 300, SHADOW, true"));
		   $cpforms->gethightext(array('text'=>"Business Address",'name'=>"address",'only'=>1,'value'=>"$rs[ad_address]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√Location - City",'name'=>"locity",'only'=>1,'value'=>"$rs[ad_city]",'view'=>"$view"));
		   $cpforms->makeselect(array('text'=>"√Location - State", 'name'=>"lostate",'only'=>1,'option'=>$state,'selected'=>"$rs[ad_state]",'view'=>"$view",'viewfunction'=>'state'));
		   // NOTE(review): this reads $rs[ad_zip], while the doinsert/update handlers in this
		   // file write the zip code to `ad_lozip` - one of the two column names looks wrong;
		   // confirm against the table schema.
		   $cpforms->gethightext(array('text'=>"√Location - Zip Code",'name'=>"lozip",'only'=>1,'value'=>"$rs[ad_zip]",'view'=>"$view"));
		   $cpforms->makeselect(array('text'=>"√Location - Country",'name'=>"locountry",'only'=>1,'option'=>$country,'selected'=>"$rs[ad_country]",'view'=>"$view",'viewfunction'=>'country'));
           $cpforms->makeselect(array('text'=>"√Your General Service Area",'name'=>"generalarea",'only'=>1,'option'=>$service,'selected'=>"$rs[ad_generalarea]",'view'=>"$view",'viewfunction'=>'service'));
		   $cpforms->makeselect(array('text'=>"√Your Primary Service Area (State)",'name'=>"pristate",'only'=>1,'option'=>$state,'selected'=>"$rs[ad_primarystate]",'view'=>"$view",'viewfunction'=>'state'));
		   $cpforms->makeselect(array('text'=>"√Your Primary Service Area (Country)",'name'=>"pricountry",'only'=>1,'option'=>$country,'selected'=>"$rs[ad_primarycountry]",'view'=>"$view",'viewfunction'=>'country'));
		   $cpforms->gethightext(array('text'=>"√Your Specialty",'name'=>"specialty",'only'=>1,'value'=>"$rs[ad_specialty]",'view'=>"$view"));
		  
		   $cpforms->gethightext(array('text'=>"√If service area is outside of the U.S., please indicate location",'name'=>"indicate",'value'=>"$rs[ad_indicate]",'view'=>"$view"));
		   $cpforms->longline(array('title'=>"My Links"));		   
		   $cpforms->gethightext(array('text'=>"√My Top 3 Clients(1)",'name'=>"myclient1",'value'=>"$rs[ad_top3_1]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√My Top 3 Clients(2)",'name'=>"myclient2",'value'=>"$rs[ad_top3_2]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√My Top 3 Clients(3)",'name'=>"myclient3",'value'=>"$rs[ad_top3_3]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√My Online Links(1)",'name'=>"myonline1",'value'=>"$rs[ad_links_1]",'view'=>"$view",'prevalue'=>"http://"));
		   $cpforms->gethightext(array('text'=>"√My Online Links(2)",'name'=>"myonline2",'value'=>"$rs[ad_links_2]",'view'=>"$view",'prevalue'=>"http://"));
		   $cpforms->gethightext(array('text'=>"√My Online Links(3)",'name'=>"myonline3",'value'=>"$rs[ad_links_3]",'view'=>"$view",'prevalue'=>"http://"));
		   $cpforms->gethightext(array('text'=>"√My Favoriate Sites (1)",'name'=>"myfavoritet1",'value'=>"$rs[ad_sites_1]",'view'=>"$view",'prevalue'=>"http://"));
		   $cpforms->gethightext(array('text'=>"√My Favoriate Sites (2)",'name'=>"myfavoritet2",'value'=>"$rs[ad_sites_2]",'view'=>"$view",'prevalue'=>"http://"));
		   $cpforms->gethightext(array('text'=>"√My Favoriate Sites (3)",'name'=>"myfavoritet3",'value'=>"$rs[ad_sites_3]",'view'=>"$view",'prevalue'=>"http://")); 
		   $cpforms->gethightext(array('text'=>"√My Professional Affiliation (1)",'name'=>"myprofession1",'value'=>"$rs[ad_profess_1]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√My Professional Affiliation (2)",'name'=>"myprofession2",'value'=>"$rs[ad_profess_2]",'view'=>"$view"));
		   $cpforms->gethightext(array('text'=>"√My Professional Affiliation (3)",'name'=>"myprofession3",'value'=>"$rs[ad_profess_3]",'view'=>"$view"));

	 ?>

<?
		
      // View mode closes the form without a submit footer; add/mod get the confirm footer.
      if($_GET[action]=="view"){$cpforms->noformfooter();}
	   else{ $cpforms->formfooter(array('confirm'=>1));}
}


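// Paginated, sortable list of all advisory accounts.
//
// Changes against the previous version:
//  - the request's "offset" was echoed verbatim into every link of the page; it is
//    now reduced to an integer before it is written into HTML;
//  - the row id is cast to an integer before it is written into the inline
//    JavaScript handler and the action links;
//  - each data row is now closed with </td></tr>;
//  - the thirteen copy-pasted sort branches are replaced by one lookup table that
//    also drives the header row, so the ORDER BY column can only ever be one of the
//    names listed here.
// NOTE(review): the text columns are printed exactly as stored. The doinsert/update
// handlers in this file HTML-encode values before storing them, but rows written by
// any other code path would be emitted unencoded - confirm, and prefer encoding at
// output time once stored data is known to be raw.
if (isset($_GET['action']) && $_GET['action'] == "list") {
    $nav = new buildNav;

    $total = $DB->fetch_one_array("SELECT COUNT(*) AS count FROM ".$db_prefix."advisory");
    $nav->total_result = $total['count'];

    if (empty($total['count'])) {
        pa_exit("<font color=red>No advisory!</font><input type=button value='Add New' onclick='location.href=\"advisory.php?action=add\"'>");
    }

    // Stays empty when the request carried no offset, as before; otherwise digits only.
    $offsetParam = '';
    if (isset($_GET['offset']) && is_scalar($_GET['offset']) && $_GET['offset'] !== '') {
        $offsetParam = (string) intval($_GET['offset']);
    }

    // swh number => (ORDER BY column, header label), in display order.
    // NOTE(review): swh=5 sorts by `ad_prifocus` while the "Specialty" cell prints
    // ad_specialty, and `ad_prifocus` is not among the columns this file writes -
    // confirm the column exists.
    $columns = array(
        1  => array('ad_copname',     'Company'),
        2  => array('ad_fname',       'First Name'),
        3  => array('ad_lname',       'Last Name'),
        12 => array('ad_uname',       'Username'),
        13 => array('ad_servicecode', 'Service Code'),
        4  => array('ad_industry',    'Industry'),
        5  => array('ad_prifocus',    'Specialty'),
        6  => array('ad_city',        'City'),
        7  => array('ad_state',       'State'),
        8  => array('ad_country',     'Country'),
        9  => array('ad_newsmailist', 'Newsletter'),
        10 => array('ad_regtime',     'Register Date'),
        11 => array('ad_status',      'Status'),
    );

    // Default ordering, plus the "next click" direction flag and arrow image per column.
    $by        = "ad_id";
    $direction = "DESC";
    $nextOrder = array();
    $arrow     = array();
    foreach ($columns as $number => $unused) {
        $nextOrder[$number] = 1;
        $arrow[$number]     = '';
    }

    $swh = (isset($_GET['swh']) && is_scalar($_GET['swh'])) ? intval($_GET['swh']) : 0;
    if (isset($columns[$swh])) {
        $by        = $columns[$swh][0];
        $requested = isset($_GET['order'.$swh]) ? $_GET['order'.$swh] : '';
        if ($requested == 1) {
            // orderN=1 means "sort descending now, offer ascending on the next click".
            $nextOrder[$swh] = 2;
            $direction       = "DESC";
            $arrow[$swh]     = "<img src=\"images/dot1.gif\">";
        } else {
            $nextOrder[$swh] = 1;
            $direction       = "ASC";
            $arrow[$swh]     = "<img src=\"images/dot2.gif\">";
        }
    }

    // $by and $direction only ever hold the literals assigned above.
    $nav->execute("SELECT * FROM ".$db_prefix."advisory ORDER BY ".$by." ".$direction);

    echo $nav->title("Advisory list");
    echo $nav->pagenav();

    // NOTE(review): the Skype helper script is a third-party script fetched over plain
    // HTTP into an admin page; serve a reviewed copy locally or drop it if unused.
    echo "<table border=\"0\" width=\"100%\" cellpadding=\"4\" cellspacing=\"1\" class=\"tableoutline\">
	<script type=\"text/javascript\" src=\"http://download.skype.com/share/skypebuttons/js/skypeCheck.js\"></script>
	   <tr><td colspan=7><input type=button value=\"Add New Advisory\" onclick=\"location.href='advisory.php?action=add'\"></td></tr>
	   <tr align=\"center\" class=\"tbhead\">\n";
    foreach ($columns as $number => $column) {
        echo "		<td nowrap  width=\"10%\"><a href=\"advisory.php?action=list&offset=".$offsetParam
            ."&order".$number."=".$nextOrder[$number]."&swh=".$number."\">"
            .$arrow[$number]." ".$column[1]." </a></td>\n";
    }
    echo "		 <td nowrap  width=\"10%\"> Action </td>
	   </tr>\n";

    $statusLabels = array(0 => 'Starter', 1 => 'Active', 2 => 'Expired');

    while ($list = $DB->fetch_array($nav->sql_result)) {
        $rowId    = intval($list['ad_id']);
        $newslist = ($list['ad_newsmailist'] == 1) ? "Yes" : "No";

        echo "<tr class=".getrowbg().">
                      <td align=\"left\" >".$list['ad_copname']."</td>
					  <td align=\"left\" >".$list['ad_fname']."</td>
					  <td align=\"left\" >".$list['ad_lname']."</td>
					  <td align=\"left\" >".$list['ad_uname']."</td>
					  <td align=\"left\" >".$list['ad_servicecode']."</td>
                      <td align=\"left\" >".$jobcategory[$list['ad_industry']]."</td>
                      <td align=\"left\" >".$list['ad_specialty']."</td>
					  <td align=\"left\" >".$list['ad_city']."</td>
					  <td align=\"left\" >".$state[$list['ad_state']]."</td>
					  <td align=\"left\" >".$country[$list['ad_country']]."</td>
					  <td align=\"left\" >".$newslist."</td>
					  <td align=\"left\" >".date('m/d/Y', $list['ad_regtime'])."</td>
					  <td align=\"left\" ><select name=\"status\" onchange=\"changestatus('advisory.php','".$rowId."',this.options[this.options.selectedIndex].value)\">";
        foreach ($statusLabels as $value => $label) {
            // Loose comparison kept: the stored status may come back as a string.
            $selected = ($list['ad_status'] == $value) ? " selected " : "";
            echo "
						  <option value='".$value."' ".$selected.">".$label."</option>";
        }
        echo "</select></td>
                      <td align=\"left\" nowrap><a href=\"advisory.php?action=view&offset=".$offsetParam."&id=".$rowId."\">View</a> | <a href=\"advisory.php?action=mod&offset=".$offsetParam."&id=".$rowId."\">Edit</a> | <a href=\"advisory.php?action=kill&offset=".$offsetParam."&id=".$rowId."\">Delete</a></td></tr>\n";
    }
    // Only reachable with an empty table if pa_exit() above does not end the request.
    if (empty($total['count'])) {
        echo "<tr><td><font color=red>No results!</font></td></tr>";
    }
    echo "</table>\n";
    echo $nav->pagenav();
}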

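// Delete confirmation form: posts back action=remove with the id and paging offset.
// The id and offset are cast to integers before they are placed in the hidden
// fields, matching how the mod/view branches treat $_GET[id]; previously both were
// passed through from the query string unchanged.
if (isset($_GET['action']) && $_GET['action'] == "kill") {
    $confirmId     = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;
    $confirmOffset = (isset($_GET['offset']) && is_scalar($_GET['offset'])) ? intval($_GET['offset']) : 0;

    $cpforms->formheader(array('title'=>'Sure to delete this?'));
    $cpforms->makehidden(array('name'=>'action',
                                'value'=>'remove'));
    $cpforms->makehidden(array('name'=>'advisoryid',
                                'value'=>$confirmId));
    $cpforms->makehidden(array('name'=>'offset',
                                'value'=>$confirmOffset));
    $cpforms->formfooter(array('confirm'=>2));
}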


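// Delete one advisory row after the confirmation form was submitted.
// The posted id used to be interpolated into the DELETE as-is; it is now cast to an
// integer so it can only ever be compared as a single key value.
// NOTE(review): the request carries no anti-CSRF token, and the uploaded picture
// belonging to the row is left on disk - confirm whether either is handled elsewhere.
if (isset($_POST['action']) && $_POST['action'] == "remove") {
    $advisoryId = (isset($_POST['advisoryid']) && is_scalar($_POST['advisoryid'])) ? intval($_POST['advisoryid']) : 0;

    if ($advisoryId > 0) {
        $DB->query("DELETE FROM ".$db_prefix."advisory WHERE ad_id='".$advisoryId."'");
    }
    // intval() keeps the offset numeric even if it reached this point unfiltered.
    redirect("./advisory.php?action=list&offset=".intval($offset),"<font color=red>Deleted Successfully!</font>");
}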



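// Create a new advisory account from the "add" form.
//
// Changes against the previous version:
//  - the username check now runs before the picture is stored, so a rejected
//    request no longer leaves an uploaded file behind;
//  - the success redirect is only issued after the INSERT, not after the
//    "username taken" error;
//  - the uniqueness check no longer selects the password hash columns it never used;
//  - `ad_upload` is an empty string when no picture was stored (it used to be an
//    undefined variable);
//  - non-string POST values (e.g. arrays) are treated as empty instead of being
//    passed to trim().
//
// NOTE(review): htmlspecialchars() is HTML encoding, not SQL escaping. Every value
// below is still concatenated into SQL text, so this is only safe if quotes and
// backslashes are neutralised before this point (for example in global.php), which
// is not visible here - confirm, and move to the database layer's own escaping or
// prepared statements. All values now pass through $row, so that is a one-place change.
// NOTE(review): unsalted MD5 is not a password hash. Switching to password_hash() /
// password_verify() has to be done together with the login code, which is not in
// this file. The 6-12 character rule shown on the form is not enforced here either.
if (isset($_POST['action']) && $_POST['action'] == "doinsert") {

    // Form field name => advisory column; all of these are trimmed and HTML-encoded.
    $textFields = array(
        'user_name'      => 'ad_uname',
        'firstname'      => 'ad_fname',
        'lastname'       => 'ad_lname',
        'email'          => 'ad_email',
        'phone'          => 'ad_phone',
        'fax'            => 'ad_fax',
        'jobtitle'       => 'ad_jobtitle',
        'skype'          => 'ad_skype',
        'spokenlanguage' => 'ad_spoken',
        'yrexp'          => 'ad_yrexp',
        'description'    => 'ad_copdes',
        'newsmailist'    => 'ad_newsmailist',
        'howus'          => 'ad_howus',
        'servicecode'    => 'ad_servicecode',
        'companyname'    => 'ad_copname',
        'companyurl'     => 'ad_website',
        'industry'       => 'ad_industry',
        'companysize'    => 'ad_copsize',
        'address'        => 'ad_address',
        'locity'         => 'ad_city',
        'lostate'        => 'ad_state',
        'lozip'          => 'ad_lozip',
        'locountry'      => 'ad_country',
        'generalarea'    => 'ad_generalarea',
        'pristate'       => 'ad_primarystate',
        'pricountry'     => 'ad_primarycountry',
        'specialty'      => 'ad_specialty',
        'indicate'       => 'ad_indicate',
        'myclient1'      => 'ad_top3_1',
        'myclient2'      => 'ad_top3_2',
        'myclient3'      => 'ad_top3_3',
        'myonline1'      => 'ad_links_1',
        'myonline2'      => 'ad_links_2',
        'myonline3'      => 'ad_links_3',
        'myfavoritet1'   => 'ad_sites_1',
        'myfavoritet2'   => 'ad_sites_2',
        'myfavoritet3'   => 'ad_sites_3',
        'myprofession1'  => 'ad_profess_1',
        'myprofession2'  => 'ad_profess_2',
        'myprofession3'  => 'ad_profess_3',
    );

    $row = array();
    foreach ($textFields as $field => $column) {
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        $row[$column] = htmlspecialchars(trim($raw));
    }
    $username = $row['ad_uname'];

    $rawPassword     = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $row['ad_pword'] = md5(trim($rawPassword));

    // A username must be unique across all four account tables.
    $accountTables = array(
        'pa_employer'   => 'ep_uname',
        'pa_candidates' => 'js_uname',
        'pa_recuiter'   => 'rc_uname',
        'pa_advisory'   => 'ad_uname',
    );
    $usernameTaken = false;
    foreach ($accountTables as $table => $nameColumn) {
        $existing = $DB->fetch_one_array(" select ".$nameColumn." from ".$table." where ".$nameColumn." = '".$username."' ");
        if (!empty($existing)) {
            $usernameTaken = true;
            break;
        }
    }

    if ($usernameTaken) {
        pa_exit("<h3 style=\"color:red\">The username is already taken. Please choose another one.</h3>");
    } else {
        // Optional picture. The extension list is all this file passes to upfile.
        // NOTE(review): confirm that upfile also checks file content and size, and
        // that the upload directory cannot execute scripts.
        $row['ad_upload'] = '';
        if (isset($_FILES["uploadfile"]['name']) && $_FILES["uploadfile"]['name'] != '') {
            $f = new upfile("../uploadfiles/advisory/","gif,jpg,png");
            if ($f->upload("uploadfile")) {
                $row['ad_upload'] = $f->savename;
                $big_image_name   = "../uploadfiles/advisory/".$f->savename;
                if (file_exists($big_image_name)) {
                    // Thumbnail path is the saved name minus its 4-character ".ext" suffix.
                    $cutbig = "../uploadfiles/advisory/".substr($f->savename, 0, -4);
                    // Best-effort: a failed thumbnail must not block account creation.
                    @miniature($big_image_name, $cutbig, $max_width = 100, $max_height = 100, $resize = 1);
                }
            }
        }

        $row['ad_regtime']  = time();
        $row['ad_deadline'] = $deadline_conf_month + time();
        $row['ad_status']   = '0'; // new accounts start as "Starter"

        $sql = "INSERT INTO `pa_advisory` ( `".implode("` , `", array_keys($row))."` ) "
             . "VALUES ( '".implode("', '", $row)."' )";
        $DB->query($sql);

        redirect("./advisory.php?action=list","<font color=red>Added Successfully!</font>");
    }
}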


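// Save changes from the "mod" form for one advisory row.
//
// Changes against the previous version:
//  - the posted row id was interpolated into the WHERE clause as-is; it is now cast
//    to an integer, and nothing is written when it is missing;
//  - a password consisting only of whitespace used to overwrite the stored hash with
//    the hash of an empty string; the password is now replaced only when the trimmed
//    value is non-empty;
//  - the optional `ad_pword` / `ad_upload` assignments are collected in a list
//    instead of relying on variables that were undefined when unused;
//  - non-string POST values (e.g. arrays) are treated as empty instead of being
//    passed to trim().
//
// NOTE(review): htmlspecialchars() is HTML encoding, not SQL escaping. The values
// are still concatenated into SQL text, so this is only safe if quotes and
// backslashes are neutralised before this point (for example in global.php), which
// is not visible here - confirm, and move to the database layer's own escaping or
// prepared statements.
// NOTE(review): unsalted MD5 is not a password hash; replacing it has to be done
// together with the login code, which is not in this file.
if (isset($_POST['action']) && $_POST['action'] == "update") {

    // Form field name => advisory column. The username is not editable here.
    $textFields = array(
        'companyname'    => 'ad_copname',
        'servicecode'    => 'ad_servicecode',
        'firstname'      => 'ad_fname',
        'lastname'       => 'ad_lname',
        'jobtitle'       => 'ad_jobtitle',
        'address'        => 'ad_address',
        'industry'       => 'ad_industry',
        'specialty'      => 'ad_specialty',
        'companysize'    => 'ad_copsize',
        'locountry'      => 'ad_country',
        'howus'          => 'ad_howus',
        'newsmailist'    => 'ad_newsmailist',
        'generalarea'    => 'ad_generalarea',
        'pristate'       => 'ad_primarystate',
        'pricountry'     => 'ad_primarycountry',
        'indicate'       => 'ad_indicate',
        'spokenlanguage' => 'ad_spoken',
        'yrexp'          => 'ad_yrexp',
        'lozip'          => 'ad_lozip',
        'skype'          => 'ad_skype',
        'lostate'        => 'ad_state',
        'locity'         => 'ad_city',
        'phone'          => 'ad_phone',
        'fax'            => 'ad_fax',
        'email'          => 'ad_email',
        'companyurl'     => 'ad_website',
        'description'    => 'ad_copdes',
        'myclient1'      => 'ad_top3_1',
        'myclient2'      => 'ad_top3_2',
        'myclient3'      => 'ad_top3_3',
        'myonline1'      => 'ad_links_1',
        'myonline2'      => 'ad_links_2',
        'myonline3'      => 'ad_links_3',
        'myfavoritet1'   => 'ad_sites_1',
        'myfavoritet2'   => 'ad_sites_2',
        'myfavoritet3'   => 'ad_sites_3',
        'myprofession1'  => 'ad_profess_1',
        'myprofession2'  => 'ad_profess_2',
        'myprofession3'  => 'ad_profess_3',
    );

    $assignments = array();
    foreach ($textFields as $field => $column) {
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        $assignments[] = "`".$column."`='".htmlspecialchars(trim($raw))."'";
    }

    // Optional password change: an empty field keeps the current hash.
    $newPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
    if ($newPassword !== '') {
        $assignments[] = "`ad_pword`='".md5($newPassword)."'";
    }

    // Optional replacement picture. The extension list is all this file passes to upfile.
    // NOTE(review): confirm that upfile also checks file content and size, and that
    // the upload directory cannot execute scripts.
    if (isset($_FILES["uploadfile"]['name']) && $_FILES["uploadfile"]['name'] != '') {
        $f = new upfile("../uploadfiles/advisory/","gif,jpg,png");
        if ($f->upload("uploadfile")) {
            $filename       = $f->savename;
            $assignments[]  = "`ad_upload`='".$filename."'";
            $big_image_name = "../uploadfiles/advisory/".$filename;
            if (file_exists($big_image_name)) {
                // Thumbnail path is the saved name minus its 4-character ".ext" suffix.
                $cutbig = "../uploadfiles/advisory/".substr($filename, 0, -4);
                // Best-effort: a failed thumbnail must not block the update.
                @miniature($big_image_name, $cutbig, $max_width = 100, $max_height = 100, $resize = 1);
            }
        }
    }

    $advisoryId = (isset($_POST['id']) && is_scalar($_POST['id'])) ? intval($_POST['id']) : 0;
    if ($advisoryId > 0) {
        $sql = "UPDATE ".$db_prefix."advisory SET ".implode(" , ", $assignments)
             . " WHERE ad_id= '".$advisoryId."'";
        $DB->query($sql);
    }
    // intval() keeps the offset numeric even if it reached this point unfiltered.
    redirect("./advisory.php?action=list&offset=".intval($offset),"<font color=red>Modified Successfully!</font>");
}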
// Called unconditionally for every action, so it also runs after the redirect()
// calls in the POST handlers unless redirect() ends the request itself (not visible
// in this file).
cpfooter();
?>